VeraCrypt: update drops 32-bit support on Windows and fixes several security issues

The first update of 2025 for the open source encryption software VeraCrypt is now available. VeraCrypt 1.26.18 is a security update that is also introducing a number of fixes and other changes, including dropped support for 32-bit versions of Windows.
The details:
- VeraCrypt 1.26.18 fixes two security issues affecting the Linux and Mac versions of the software.
- On Windows, 32-bit support has been dropped.
- The minimum Windows version is now Windows 10 version 1809.
What is VeryCrypt? VeraCrypt is an encryption software that you may use to encrypt entire systems, drives, partitions, or protected containers on storage devices.
Tips:
- Fix the VeraCrypt "Automatic Repair" issue on Windows
- How to change the PIM of a VeraCrypt volume
- Installing VeraCrypt in GNU/Linux
Downloading and installing the VeraCrypt update
VeraCrypt comes without built-in updating support. This means that you need to download and install the new release manually. First thing you may want to do is check the current version.
Tip: you can check the current version by selecting Help > About VeraCrypt in the interface.
While you may visit the official downloads page, you may notice that it does not link to the latest version just yet. Check the project's SourceForge repository instead. There you find the latest downloads. Note that the installation requires a reboot.
The security fixes
VeraCrypt 1.26.18 fixes two security issues that affect the Linux and Mac versions of the encryption software. They are:
- CVE-2024-54187: Added absolute paths when executing system binaries to prevent path hijacking
- CVE-2025-23021: Prevent mounting volumes on system directories and PATH
Additional details have not been published at the time of writing.
The non-security changes
All operating systems got support for AES hardware on ARM64 platform and "SHA-256 x86 intrinsic to enhance the performance of PBKDF2-HMAC-SHA256".
Windows users need a 64-bit version of the operating system and at least Windows 10 version 1809 to run the latest VeraCrypt release. Users on older versions of Windows need to keep using the outdated versions of VeraCrypt to keep on using it (or upgrade Windows).
The release makes a few noteworthy changes next to that:
- Reduces driver deadlock issues under low-memory scenarios.
- Fixed an issue affecting the creation of Traveler Disks.
- Changed generators to modern ones to improve security.
- Updated libraries.
There are also non-security changes for Linux and mac OS. On macOS, screen capturing is now disabled by default. The --allow-screencapture enables it again for those who require it. There is also a fix for both systems that ensures that a volume exists before the mounting operation is started.
You can check out the full changelog here if you are interested.
Do you use encryption software? If so which and why that one? Feel free to leave a comment down below.


This type announcement is going to be one of many popping up.
Few days ago EA (the broadcom of gaming), announced that they are killing the Origin app (32bits) and require people to move to the EA app (64bit only) – or be unable to login and unable to launch their games (because it is app-hooked).
Common denominator: MS is going to end (support of) 32bit versions of windows. This is happening this year, heard april or may being mentioned.
You’ll still be able to run 32bit apps just fine in 64bit windows, it is just that many will be EOL’ing their 32bit versions ahead of this anyway, just because they want to axe it anyway, realizing that they don’t have many customers on 32bit and are itching to only maintain one edition so they can save a few dev hours on that budget.
I know it is called IA32/win32, just being common people friendly.
It is just the 32bit version of windows that is going away, not the ability to run win32 software.
The dropping of the actual win32api is really far away. They might begin dropping the certification of new 32bit drivers, but not the core win32 stuff yet.
Switched to Bitlocker (always with a password, and without an MS account) a few months ago for both system and USB drives, and am not going back to VeraCrypt.
I need very high reliability combined with real-world non-trival crack-resistance, not worried about quantum attacks from the NSA beaming chemtrail-space-lasers through my tin-foil hat. I’m protecting, at best, mid-level commecial secrets and IP, not missile launch codes.
Bitlocker just works. I can set it up on a client’s machine in a couple of minutes, and non-geek clients can figure it out how to use it without phoning me. And it updates itself. None of those things were true with VeraCrypt.
Downside is you need Win Pro or higher. If your time is worth anything, it’s worth payng for the upgrade. Or I’m told you can DuckDuckGo “massgrave” for how to activate Pro on a Win Home machine.
I’m no fan of MS, and I am a fan of FOSS, so if anyone can show me hard evidence that BL-with-a-decent-password is crackable, I’m ready to change my mind. Conspiracy theories don’t count.
After your arrest, all it takes for the cops is one phonecall to Microsoft and your Bitlocker drive is decrypted in notime.
This is disinformation. You cannot get someone’s Bitlocker-encrypted drive unlocked by calling Microsoft.
The Bitlocker ‘backdoor’ you heard about on fakenews websites is because of a backdoor in the Windows Setup image of Windows 10 & newer ISO images.
This backdoor in the Windows Setup image sends your Bitlocker key to Microsoft (if you use this instead of the real installed OS’s encryption) because that’s pretty much what Microsoft needs to decrypt it; otherwise Bitlocker alone can’t be attacked with a ‘secret golden key backdoor’, and it can’t decrypt it.
Bitlocker itself hasn’t been backdoored in such ways, and its current ‘backdoor’ is not even one that compromises its security; it’s just a design implementation where it’s very easy to identify that it’s an encrypted drive.
So if you use Bitlocker you just need to go full-privacy and refuse to decrypt it, without trying to claim that it’s ‘not encrypted’ (because it’s very clearly a Bitlocker drive).
And the fact that TPMs have implicit backdoors through the conscious use of weak security for their firmwares has nothing to do with Bitlocker; it’s on the motherboard manufacturer to verify that the TPM security isn’t shit.
You could just simply never trust your TPM and encrypt your Windows partition on a Pro edition when Windows is installed, by using a password (not TPM).
Most (if not all) TPMs are shit today, but Intel is unexpectedly the more honorable option in the TPM industry (alongwith AMD); the fTPM (a TPM device emulated by your CPU).
Bitlocker recovery options can also be disabled if you don’t trust the 48-digits recovery key system.
Last note: the arrests of people known for encrypting their computers will generally happen while the laptop is decrypted, they will just patiently wait until they can arrest you while your PC is still powered on (if you were worth waiting for it to begin with).
If you’re actually ‘smart’, then the cops shouldn’t even think that your devices might be encrypted.
You should not be advertising everywhere that you have ultra-best-encryption on your computer, because then you’re just helping them to prepare your arrest at the right time.
For mobile phones, don’t bother encrypting them.
Mobile phones have shit security anyway, don’t store anything valuable on them.
Think of your phone security as India’s 56-bit security.
I always use the portable version on a USB flash drive.
https://launchpad.net/veracrypt/trunk/1.26.18/+download/VeraCrypt%20Portable%201.26.18.exe
Still running TrueCrypt 7.1a, never migrated to VeraCrypt. I know, remember all the debates about TrueCrypt’s possible issues back when its team decided to abandon the ship. I run for some old software versions never updated, on an old Windows 7 (yet a powerful defensive arsenal), never encounter any issues, happy to live quietly with non bloated applications. I don’t need bells and whistles, all I’ve ever wanted was neither a race car nor a tank, just good working stuff. I need only basic software (read, view, listen, surf), don’t play games, no need for AI, no need for bloated software of which I’d use but half (or a fourth) of its potential, no need to go showing off with relatives and on the blogs that I run the latest this and that, I like old coaches, old cars (no electronics, no digital connections, some rust, needs paint, but engine is ok, à la ‘Columbo’!), modest yet strong, comfortable. Modern life appears to me exhausting to be frank, especially given the pace, moving too fast, yesterday becoming old when there were times old was last year. Carpe diem.
Came here to say this. Open source or not, I’ll never trust VeraCrypt. The takeover from TrueCrypt was extremely suspicious. I’ll be using the last known safe TrueCrypt release indefinitely.
https://www.veracrypt.fr/en/Downloads.html
No 1.26.18 versions to be found there.
Yes, it is not there yet. You can download it from Sourceforge: https://sourceforge.net/projects/veracrypt/files/VeraCrypt%201.26.18/